options IPFIREWALL
options IPFW2 # for FreeBSD < 4.7 use IPFW instead of IPFW2
options IPFIREWALL_VERBOSE   #we also want logs, right ?
options IPFIREWALL_VERBOSE_LIMIT=100 # This prevents your log file from filling
                                     # up with lots of repetitive entries
options IPDIVERT		     # Enables divert sockets (we're gonna talk about this
         			     # latter
options TCP_DROP_SYNFIN		     # This option ignores all TCP packets that contain
				     # SYN and FIN, this prevents OS fingerprinting with tools
				     # like nmap. This option is not recommended if your gonna
				     # run a webserver on this machine because it breaks support
				     # for RFC1644.